Re: COM+ and NetworkCredential problem

From: Willy Denoyette [MVP] (willy.denoyette_at_telenet.be)
Date: 08/30/05

• Next message: Craig Vedur: "how to get all groups from AD?"
• Previous message: Hans Kesting: "Re: The ASP.NET FAQ..."
• In reply to: surya: "COM+ and NetworkCredential problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 30 Aug 2005 15:38:53 +0200

"surya" <suryanarayanan.varadarajan@honeywell.com> wrote in message
news:%231k6GHSrFHA.1028@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> I have a COM+ out of proc service that is configured to impersonate the
> user
> making the call to the COM+ service. Is there a way to create a
> NetworkCredential object based on the current thread's security? Using
> System.Net.CredentialCache.DefaultCredentials always returns the
> credentials
> of the user configured to run the out of proc COM+ server and not the
> credentials of the user set on the current thread.
>
> Regards
> Surya
>
>
>

Impersonate != delegate. So you need to select delegate a impersonation
level, but:
- the client has to specify during the initial authentication (using
Kerberos) that it allows it's identity to be delegated (this is the default
for AD accounts) , and
- you need to run in a Kerberos realm,
- and the server needs to be trusted for delegation i the AD (not set by
default).

Willy.
PS. please, don't cross-post to half of microsoft NG's, you question relates
to .NET Microsoft.public.dotnet.framework.component_services and possibly to
Microsoft.public.platformsd.component_svcs only.

• Next message: Craig Vedur: "how to get all groups from AD?"
• Previous message: Hans Kesting: "Re: The ASP.NET FAQ..."
• In reply to: surya: "COM+ and NetworkCredential problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages impersonate/delegate problem ... I want to impersonate the current user accessing my website... ... the user to the webserver under the current users identity... ... see if some windows services are running on network servers... ... "delegate" the current users identity to the ASPNET... ... (microsoft.public.dotnet.framework.aspnet.security) Re: Remote file access while impersonating with NTLM ... If you don't impersonate the client, then the file should be read with the ... to delegate, ... Everything is in a domain and the service runs as a domain user ... (microsoft.public.dotnet.security) Re: COM+ and NetworkCredential problem ... Another related question: ... return the credentials of the impersonated user on the current thread or the ... >> I have a COM+ out of proc service that is configured to impersonate the ... So you need to select delegate a impersonation ... (microsoft.public.dotnet.framework) impersonate/delegate problem ... webserver from within AD users and computers) to pass the ... on our production network. ... >I want to impersonate the current user accessing my ... >what more do I need to get delegate to work? ... (microsoft.public.dotnet.framework.aspnet.security) COM+ thread and NetworkCredential ... I have a COM+ out of proc service that is configured to impersonate the user ... System.Net.CredentialCache.DefaultCredentials always returns the credentials ... Regards ... (microsoft.public.dotnet.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint